package com.cloudcross.ssp.web;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.cloudcross.ssp.base.web.SimpleController;
import com.cloudcross.ssp.common.Config;
import com.cloudcross.ssp.common.utils.Common;
import com.cloudcross.ssp.common.utils.Md5Tool;
import com.cloudcross.ssp.model.Account;
import com.cloudcross.ssp.model.Advertiser;
import com.cloudcross.ssp.model.UserLogin;
import com.cloudcross.ssp.service.impl.AccountService;
import com.cloudcross.ssp.service.impl.AdvertiserService;
import com.cloudcross.ssp.service.impl.UserLoginService;

@Controller
@RequestMapping("/")
public class LoginController extends SimpleController {
    @Autowired
    private AccountService        accountService;
    @Autowired
    private AuthenticationManager myAuthenticationManager;
    @Autowired
    private AdvertiserService     advertiserService;
    @Autowired
    private UserLoginService      userLoginService;
    @Autowired
    private Config                config;

    @RequestMapping("login")
    public String login(Model model, HttpServletRequest request) {
        //重新登录时销毁该用户的Session
        Object o = request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
        if (null != o) {
            request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
        }
        String logoPath = config.getLogoPath();
        request.getSession().setAttribute("logoPath", logoPath);
        return "/login";
    }

    @RequestMapping("loginCheck")
    @ResponseBody
    public Map<String, Object> loginCheck(String username, String password) {
        Map<String, Object> map = new HashMap<String, Object>();
        Account account = new Account();
        account.setAccountName(username);
        account.setPassword(Md5Tool.getMd5(password));
        // 验证用户账号与密码是否正确
        Account users = this.accountService.countAccount(account);
        map.put("error", "0");
        if (users == null) {
            map.put("error", "用户或密码不正确！");
        } else if (users != null && Common.isEmpty(users.getAccountName())) {
            map.put("error", "用户或密码不正确！");
        }
        return map;
    }

    @RequestMapping("submitlogin")
    public String submitlogin(String username, String password, HttpServletRequest request) throws Exception {
        Account users = null;
        try {
            if (!request.getMethod().equals("POST")) {
                request.setAttribute("error", "支持POST方法提交！");
            }
            if (Common.isEmpty(username) || Common.isEmpty(password)) {
                request.setAttribute("error", "用户名或密码不能为空！");
                return Common.BACKGROUND_PATH + "/framework/login";
            }
            // 验证用户账号与密码是否正确
            users = this.accountService.querySingleAccount(username);
            if (users == null) {
                request.setAttribute("error", "用户或密码不正确！");
                return "/login";
            } else if (users != null && Common.isEmpty(users.getAccountName())
                    && !Md5Tool.getMd5(password).equals(users.getPassword())) {
                request.setAttribute("error", "用户或密码不正确！");
                return "/login";
            }
            Authentication authentication = myAuthenticationManager
                    .authenticate(new UsernamePasswordAuthenticationToken(username, users.getPassword()));
            SecurityContext securityContext = SecurityContextHolder.getContext();
            securityContext.setAuthentication(authentication);
            HttpSession session = request.getSession(true);
            session.setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
            // 当验证都通过后，把用户信息放在session里
            if (users.getSysType() == 3) {
                if (users.getAdvertiserId() != 0 && users.getAgentId() != 0) {
                    request.getSession().setAttribute("role", "advertiser");
                    Advertiser advertiser = advertiserService.findById(users.getAdvertiserId());
                    if (advertiser != null) {
                        request.getSession().setAttribute("advertiserName", advertiser.getName());
                    }
                }
                if (users.getAdvertiserId() == 0 && users.getAgentId() != 0) {
                    request.getSession().setAttribute("role", "agent");
                    request.getSession().setAttribute("advertiserName", "");
                }
            }
            //读取图片路径
            String iconPath = config.getIconPath();
            request.getSession().setAttribute("iconPath", iconPath);
            String logout = config.getLogout();
            request.getSession().setAttribute("logout", logout);
            request.getSession().setAttribute("userSession", users);
            request.getSession().setAttribute("userSessionId", users.getId());
            request.getSession().setAttribute("sessionAccountType", users.getType());
            String userId = request.getSession().getAttribute("userSessionId").toString();
            String userName = users.getAccountName();
            String ip = Common.toIpAddr(request);
            UserLogin userLogin = new UserLogin();
            userLogin.setUserId(Integer.parseInt(userId));
            userLogin.setUserName(userName);
            userLogin.setloginIP(ip);
            userLoginService.add(userLogin);
            request.removeAttribute("error");
        } catch (AuthenticationException ae) {
            request.setAttribute("error", "登录异常，请联系管理员！");
            return "/login";
        }
        return "redirect:/main/home";
    }

    /**
     * @return
     * @throws Exception
     */
    @RequestMapping("menu")
    public String menu(Model model) {
        return "/menu";
    }

    /**
     * 获取某个用户的权限资源
     * 
     * @author wuqiang.du Email：mmm333zzz520@163.com date：2014-3-4
     * @param request
     * @return
     */
    @RequestMapping("findAuthority")
    @ResponseBody
    public List<String> findAuthority(HttpServletRequest request) {
        SecurityContextImpl securityContextImpl = (SecurityContextImpl) request.getSession().getAttribute(
                "SPRING_SECURITY_CONTEXT");
        List<GrantedAuthority> authorities = (List<GrantedAuthority>) securityContextImpl.getAuthentication()
                .getAuthorities();
        List<String> strings = new ArrayList<String>();
        for (GrantedAuthority grantedAuthority : authorities) {

            strings.add(grantedAuthority.getAuthority());

        }
        return strings;
    }

    @ResponseBody
    @RequestMapping("install")
    public Map<String, Object> install(Model model) {
        Map<String, Object> map = new HashMap<String, Object>();
        try {
            map.put("success", "初始化成功!");
        } catch (Exception e) {
            map.put("error", "初始化失败  ---------- >   " + e);
        }
        return map;
    }

    @RequestMapping("/download")
    public void download(String fileName, HttpServletRequest request, HttpServletResponse response) throws Exception {

        response.setContentType("text/html;charset=utf-8");
        request.setCharacterEncoding("UTF-8");
        java.io.BufferedInputStream bis = null;
        java.io.BufferedOutputStream bos = null;

        String ctxPath = request.getSession().getServletContext().getRealPath("/") + "\\" + "filezip\\";
        String downLoadPath = ctxPath + fileName;
        try {
            long fileLength = new File(downLoadPath).length();
            response.setContentType("application/x-msdownload;");
            response.setHeader("Content-disposition", "attachment; filename="
                    + new String(fileName.getBytes("utf-8"), "ISO8859-1"));
            response.setHeader("Content-Length", String.valueOf(fileLength));
            bis = new BufferedInputStream(new FileInputStream(downLoadPath));
            bos = new BufferedOutputStream(response.getOutputStream());
            byte[] buff = new byte[2048];
            int bytesRead;
            while (-1 != (bytesRead = bis.read(buff, 0, buff.length))) {
                bos.write(buff, 0, bytesRead);
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (bis != null)
                bis.close();
            if (bos != null)
                bos.close();
        }
    }
}
